Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 3, 2025, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
189141	7.5	危険	nonnoi solutions	-	Nonnoi ASP/Barcode ActiveX コントロールにおける任意のファイルを上書きされる脆弱性	-	CVE-2007-3660	2012-09-25 16:47	2007-07-10	Show	GitHub Exploit DB Packet Storm

189142	5	警告	マイクロソフト	-	Microsoft REGSVR におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-3658	2012-09-25 16:47	2007-07-10	Show	GitHub Exploit DB Packet Storm

189143	2.1	注意	NetBSD	-	NetBSD の display driver allocattr 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2007-3654	2012-09-25 16:47	2007-09-17	Show	GitHub Exploit DB Packet Storm

189144	6.8	警告	ヒューレット・パッカード	-	HP Digital Imaging の hpqvwocx.dll における絶対パストラバーサルの脆弱性	-	CVE-2007-3649	2012-09-25 16:47	2007-07-10	Show	GitHub Exploit DB Packet Storm

189145	7.8	危険	Linux	-	Linux kernel の net/netfilter/nf_conntrack_h323_asn1.c におけるサービス運用妨害 (DoS) の脆弱性	CWE-189 数値処理の問題	CVE-2007-3642	2012-09-25 16:47	2007-07-9	Show	GitHub Exploit DB Packet Storm

189146	7.5	危険	mkportal	-	MKPortal における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2007-3637	2012-09-25 16:47	2007-07-9	Show	GitHub Exploit DB Packet Storm

189147	6.8	警告	LimeSurvey	-	LimeSurvey における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-3632	2012-09-25 16:47	2007-07-9	Show	GitHub Exploit DB Packet Storm

189148	10	危険	levent veysi portal	-	Levent Veysi Portal の oku.asp における SQL インジェクションの脆弱性	-	CVE-2007-3629	2012-09-25 16:47	2007-07-9	Show	GitHub Exploit DB Packet Storm

189149	5	警告	PEAR	-	PEAR Structures-DataGrid-DataSource-MDB2 の MDB2.php における "生成されたソートクエリを操作される" 脆弱性	-	CVE-2007-3628	2012-09-25 16:47	2007-07-9	Show	GitHub Exploit DB Packet Storm

189150	7.5	危険	php lite	-	PHP Lite Calendar Express における SQL インジェクションの脆弱性	-	CVE-2007-3627	2012-09-25 16:47	2007-07-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 4, 2025, 4:07 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
271	-		-	-	The AHAthat Plugin WordPress plugin through 1.6 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in … New	-	CVE-2024-12595	2025-01-2 15:15	2025-01-2	Show	GitHub Exploit DB Packet Storm

272	-		-	-	The goodlayers-core WordPress plugin before 2.0.10 does not sanitise and escape some of its settings, which could allow users with the contributor role and above to perform Stored Cross-Site Scriptin… New	-	CVE-2024-11357	2025-01-2 15:15	2025-01-2	Show	GitHub Exploit DB Packet Storm

273	-		-	-	The wp-enable-svg WordPress plugin through 0.7 does not sanitize SVG files when uploaded, allowing for authors and above to upload SVGs containing malicious scripts New	-	CVE-2024-11184	2025-01-2 15:15	2025-01-2	Show	GitHub Exploit DB Packet Storm

274	-		-	-	The Net::EasyTCP package 0.15 through 0.26 for Perl uses Perl's builtin rand() if no strong randomization module is present. New	-	CVE-2024-56830	2025-01-2 14:15	2025-01-2	Show	GitHub Exploit DB Packet Storm

275	-		-	-	The Net::EasyTCP package before 0.15 for Perl always uses Perl's builtin rand(), which is not a strong random number generator, for cryptographic keys. New	-	CVE-2002-20002	2025-01-2 14:15	2025-01-2	Show	GitHub Exploit DB Packet Storm

276	-		-	-	Landray EIS 2001 through 2006 allows Message/fi_message_receiver.aspx?replyid= SQL injection. New	-	CVE-2025-22214	2025-01-2 13:15	2025-01-2	Show	GitHub Exploit DB Packet Storm

277	-		-	-	Huang Yaoshi Pharmaceutical Management Software through 16.0 allows arbitrary file upload via a .asp filename in the fileName element of the UploadFile element in a SOAP request to /XSDService.asmx. New	-	CVE-2024-56829	2025-01-2 13:15	2025-01-2	Show	GitHub Exploit DB Packet Storm

278	9.8	CRITICAL Network	-	-	The Electronic Official Document Management System from 2100 Technology has an Authentication Bypass vulnerability. Although the product enforces an IP whitelist for the API used to query user tokens… New	-	CVE-2024-13061	2025-01-2 11:15	2024-12-31	Show	GitHub Exploit DB Packet Storm

279	-		-	-	A vulnerability classified as critical has been found in code-projects Job Recruitment 1.0. This affects an unknown part of the file /_parse/_feedback_system.php. The manipulation of the argument per… New	CWE-89 CWE-74 SQL Injection Injection	CVE-2025-0168	2025-01-1 23:15	2025-01-1	Show	GitHub Exploit DB Packet Storm

280	-		-	-	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ibnuyahya Category Post Shortcode allows Stored XSS.This issue affects Category Post Shortcode: f… New	CWE-79 Cross-site Scripting	CVE-2024-56021	2025-01-1 09:15	2025-01-1	Show	GitHub Exploit DB Packet Storm